
Fresh Approach to WiFi Cracking Uses Packet-Sniffing

The new strategy allows an attacker to instead lift ID information directly from the router, within minutes.

Legacy WiFi just became a little less safe, according to Jens Steube, the developer of the password-cracking tool known as Hashcat. He has found a faster, easier way to crack some WPA/WPA2-protected WiFi networks.

Hackers have compromised the WPA/WPA2 encryption protocols in the past, but it’s an onerous, time-consuming process that requires a man-in-the-middle approach (absent an unpatched vulnerability, that is). It means waiting for a legitimate user to log into the secure network, and being physically poised to use an over-the-air tool to intercept the information that’s sent from the client to the WiFi router during the four-way handshake process that’s used for authentication.

That handshake verifies the Pairwise Master Key Identifier (PMKID), which is used by WPA/WPA2-secured routers to establish a connection between a user and an access point. Armed with this captured piece of information, a bad actor would then brute-force the password, using, say, Hashcat (or another automated cracking tool). The entire process could take hours, depending on how long the brute-forcing takes, how noisy the WiFi network is and so on.

The new strategy allows an attacker to instead lift the PMKID directly from the router, without waiting for a user to log in and without needing to gain visibility into the four-way handshake.

WPA/WPA2 WiFi networks use Extensible Authentication Protocol (EAP) over LAN (EAPoL) to communicate with clients. It’s a network port authentication protocol which was developed to give a generic network sign-on to access WiFi network resources. Embedded within that is Robust Secure Network (RSN) protocol, which is designed for establishing secure communication channels over Wi-Fi. It uses a specialized RSN Information Element (RSN IE) to make that connection work.

It turns out that the PMKID — needed to log into a WPA/WPA2-secured network — is carried in the RSN IE broadcast in EAPOL traffic. That means that the router actually provides it as part of its beaconing, so an unauthenticated attacker can access it by merely attempting to connect to the network.

“The PMKID is computed by using HMAC-SHA1 where the key is the PMK and the data part is the concatenation of a fixed string label ‘PMK Name,’ the access point’s MAC address and the station’s MAC address,” Steube explained in a posting late last week on the attack.

“Since the PMK is the same as in a regular EAPOL four-way handshake, this is an ideal attacking vector. We receive all the data we need in the first EAPOL frame from the [WiFi access point],” he wrote.

Thus, an attacker can obtain the PMKID with a simple packet-capture tool (Steube used hcxdumptool). Significantly, Steube said the capture typically takes around 10 minutes. From there, attackers can begin the brute-forcing process.
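The derivation Steube describes, written out as an added example (not code from Steube or from Hashcat): the PMK is the PBKDF2-HMAC-SHA1 of the passphrase and SSID as defined for WPA/WPA2-PSK (a standard step the article does not spell out), and the PMKID is the first 16 bytes of HMAC-SHA1 over "PMK Name", the AP MAC and the station MAC. The SSID, passphrase and MAC addresses are constructed values. It shows why nothing beyond the passphrase protects a captured PMKID, which is the point of the strong-passphrase and WPA3 advice that follows.

```python
import hashlib
import hmac

# Constructed sample inputs for this example; not from any real network.
SSID = "ExampleNet"
PASSPHRASE = "correct horse battery staple"
AP_MAC = "00:11:22:33:44:55"
STA_MAC = "66:77:88:99:aa:bb"


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK: PMK = PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def mac_bytes(mac: str) -> bytes:
    """Turn 'aa:bb:cc:dd:ee:ff' (or dash-separated) into 6 raw bytes."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return raw


def derive_pmkid(pmk: bytes, ap_mac: str, sta_mac: str) -> bytes:
    """PMKID = HMAC-SHA1(key=PMK, data="PMK Name" || AP MAC || STA MAC), truncated to 16 bytes.

    Only the passphrase (via the PMK) is secret here: the label is fixed and both
    MAC addresses are visible on the air, so a captured PMKID can be checked
    offline against candidate passphrases without any further interaction.
    """
    data = b"PMK Name" + mac_bytes(ap_mac) + mac_bytes(sta_mac)
    return hmac.new(pmk, data, hashlib.sha1).digest()[:16]


def pmkid_matches(pmkid_hex: str, passphrase: str, ssid: str, ap_mac: str, sta_mac: str) -> bool:
    """True if a captured PMKID is consistent with the given passphrase and SSID.

    This is the per-guess work an offline attack performs; a passphrase that is
    short or drawn from a wordlist is what fails first, and WPA3's SAE removes
    this offline check entirely by forcing each guess through the access point.
    """
    expected = derive_pmkid(derive_pmk(passphrase, ssid), ap_mac, sta_mac)
    return hmac.compare_digest(expected, bytes.fromhex(pmkid_hex))


if __name__ == "__main__":
    pmkid = derive_pmkid(derive_pmk(PASSPHRASE, SSID), AP_MAC, STA_MAC)
    print("PMKID:", pmkid.hex())
    print("matches:", pmkid_matches(pmkid.hex(), PASSPHRASE, SSID, AP_MAC, STA_MAC))
```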

Steube stumbled upon the technique while attempting to crack the WPA3 encryption protocol, which was released in January by the Wi-Fi Alliance. It incorporates modern best practices, like dynamic data encryption, and, thanks to a new key scheme, it allows users to be blocked after too many log-in attempts, which helps protect against brute-forcing.

“WPA3 will be much harder to attack because of its modern key establishment protocol called Simultaneous Authentication of Equals (SAE),” Steube explained. SAE requires interaction with the infrastructure for each guessed password, and the infrastructure can place limits on the number of guesses submitted.

The new cracking technique works only against WPA and WPA2-secured routers running 802.11i/p/q/r protocols, and they must have PMKID-based roaming features enabled. Upgrading one’s routers is the best path to protection. However, older routers will live on for quite some time in both homes and businesses, so users should check for firmware updates from their router manufacturer. Using a strong password is also a smart mitigation.

“In light of these new techniques, people and organizations should upgrade their routers to WPA3 as soon as updates become available,” Nick Bilogorskiy, cybersecurity strategist at Juniper Networks, told Threatpost. “Until then, I recommend using a VPN connection on top of WiFi for an additional layer of encryption [and checking for patches].”

Authors

Threatpost
